orca-so.app Open in urlscan Pro
2606:4700:3035::6815:374e Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orca-so.app/
Effective URL:
https://orca-so.app/
Submission: On January 27 via api (January 27th 2024, 10:51:20 pm UTC) from US — Scanned from US

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::6815:374e, located in United States and belongs to CLOUDFLARENET, US. The main domain is orca-so.app.
TLS certificate: Issued by GTS CA 1P5 on November 30th 2023. Valid for: 3 months.

This is the only time orca-so.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3035::6815:374e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:b32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.169.52 52.222.169.52	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	44.238.254.105 44.238.254.105	16509 (AMAZON-02) (AMAZON-02)
15	8

3 2606:4700:3035::6815:374e (United States)

ASN13335 (CLOUDFLARENET, US)

orca-so.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:b32 (United States)

ASN13335 (CLOUDFLARENET, US)

www.orca.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.169.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-52.cdg52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.254.105 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-254-105.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com — Cisco Umbrella Rank: 7010 m.stripe.com — Cisco Umbrella Rank: 1188	5 KB
3	orca.so www.orca.so	16 KB
3	orca-so.app orca-so.app	62 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1315	16 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	31 KB
15	5

	Domain	Requested by
3	q.stripe.com	orca-so.app
3	www.orca.so	orca-so.app
3	orca-so.app	orca-so.app
2	m.stripe.network	js.stripe.com m.stripe.network
2	js.stripe.com	orca-so.app js.stripe.com
1	m.stripe.com	m.stripe.network
1	ajax.googleapis.com	orca-so.app
15	7

This site contains links to these domains. Also see Links.

Domain
v1.orca.so

Subject Issuer	Validity	Valid
orca-so.app GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.orca.so GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://orca-so.app/
Frame ID: F99E9CEB399524122C245AA675BAB256
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: AC39A2DCFBA87BF90A3F699C6A298216
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C40E74578AB2DAB5487E1B7DFDC9196A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Orca | DeFi for people, not programs

Page URL History Show full URLs

http://orca-so.app/ HTTP 307
https://orca-so.app/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

8
IPs

1
Countries

130 kB
Transfer

441 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://v1.orca.so/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://v1.orca.so/disclaimer
Title: Orca Protocol Disclaimer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orca-so.app/ HTTP 307
https://orca-so.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
orca-so.app/
Redirect Chain

http://orca-so.app/
https://orca-so.app/

169 KB
56 KB

255ms
126ms

Document
text/html

2606:4700:3035::6815:374e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orca-so.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:374e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5c7ff3610c344e4ab26d45f23e9133706716c410db246a482b004b7079c4e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84c48f2c88354bd8-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 27 Jan 2024 22:51:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kWH1SqkP9YrUCTyWqbqJEvcDNAfc8kGKHHfl4BpUmPibhmwum0Ea8fiVtKg5Ch%2FnAYMJfCubxDDFFDO7amEiLmEL8vfWvJ4ELz0BghzsiniTWgDFVX7H1xgltwzysJuEhGlrckyJvRYyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://orca-so.app/
Non-Authoritative-Reason: HSTS

GET
H2 200 styles.css
orca-so.app/ 23 KB
5 KB 194ms
193ms Stylesheet
text/css 2606:4700:3035::6815:374e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orca-so.app/styles.css
Requested by: Host: orca-so.app
URL: https://orca-so.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:374e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4de0f7541473fd639ed252f1ed9b1169a3336b39acbef43d48b5335b169ae323

Request headers

accept-language: en-US,en;q=0.9
Referer: https://orca-so.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:51:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 23:40:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5bee-60f048981eba4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKbfwC2lc35oHf2QCpNlPW%2FifNDxbjm65R7gJRaFjuddJbMBI%2BJ3v74afRycF9R1nQldMJ4PRMjvys%2FdawvCfPUYWgq08pQYDFhgt2AfPENp7KxTd4Lobe0UF1VgU3JlELDhdsFybaGfHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 84c48f2d78764bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 func.js Show response
orca-so.app/ 2 KB
897 B 192ms
192ms Script
text/javascript 2606:4700:3035::6815:374e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://orca-so.app/func.js
Requested by: Host: orca-so.app
URL: https://orca-so.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:374e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0031faa52ea912fee1494db76442c8f8d2c5af5fa9ac077f8a45209a6f83b41d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://orca-so.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:51:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 23:40:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"618-60f04899f66ef-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mDpyZs954Fzq50JvcK2uYeP%2BqrCjdOHE9jPvkFb4iJJ1olCWsZ70iuPfgpYpno4tPuCBgbFEiEciAvILgXnLJbX5xzJsZWJTTh8v2K3eKigm5Z62vwrnAdshMG%2BMKy1MLYyEz555P%2BBCgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 84c48f2d78774bd8-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 202ms
31ms Script
text/javascript 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://orca-so.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:33:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:33:34 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0a1e2263ef6cdf30ab88d2f53e6d4e16a40e66fc3f4d28755d6bc11bb19ec81

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 618 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 103ef4b670d4ab81793bf213a9cc1024ac25064260b7cda7f11ef90854b42941

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 767 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da4f28e516dfeb3118bffbf7dd48944620adf0f15d1e9fc019d1a21d5e6167eb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caae9257d022b731b579a65d458ee204cb2cc404cb9f300e78274d4bdf915d30

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ebbeff35834ab2030fada9fccbd2315e21b6a9918530d306d9f8885cadd7cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e18039d9b86dfb20f0de75a236ce38ca78dd53810c1e6db42c70baa281d54318

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a164552a6dde632a86cead517df62c316010645e2c79c278f0999d56fad0e0a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cfc4286ee88c69f1b11cbb016dcc96f94558c1293ee442acd705569727107be

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8639f1b554805fc4f701a8629deddd603c18f622b60d35f63ad686032b91b549

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03ce37a48e8fa8b84caf58f902a90dac8db3fdab937b2c8c7a056a56b9f5dd16

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 819 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cbd1fa9704aaa148578fd626205e7c47d664dab8b5b586a5c52b0bb4e060143

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d63f5523f7e91d44f00f52d2ccf2f2766193bfe1db0cc27e9018975a74306ef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de7bcb1e092562459f03066ae4badc1a6495c370e31f5bed4a78d2093a801bef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36ec90aea0702d8abd3d4fc72b3d189c44fe1fa3cf6cb3c617f6f4522f92540f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 background-kelp.svg
www.orca.so/ 23 KB
10 KB 210ms
122ms Image
image/svg+xml 2606:4700:10::ac43:b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orca.so/background-kelp.svg

Requested by

Host: orca-so.app
URL: https://orca-so.app/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6d097f02f00472f30b829ec29deefadb5e559d272262f25db9b079be74a1a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://orca-so.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:51:15 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
age: 100171
content-disposition: inline; filename="background-kelp.svg"
or-country: US
x-vercel-id: iad1::lgssd-1706395875821-4360896588af
server: cloudflare
x-matched-path: /background-kelp.svg
etag: W/"5d1a3f9f567bbb31b9fe1cf7df66f70f"
x-vercel-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: or-country
cache-control: public, max-age=0, must-revalidate
cf-ray: 84c48f2f68de4bc3-BUF

GET
H2 200 image
www.orca.so/_next/ 4 KB
4 KB 162ms
138ms Image
image/webp 2606:4700:10::ac43:b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orca.so/_next/image?url=https%3A%2F%2Fassets.coingecko.com%2Fcoins%2Fimages%2F17547%2Flarge%2FOrca_Logo.png%3F1628781615&w=32&q=75

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29d3d8ecfaae6bcc739d2566624f16ec4c5099fb15b6a9bfe0a78582ffaa41cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://orca-so.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:51:15 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
age: 269248
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="Orca_Logo.webp"
or-country: US
content-length: 4082
last-modified: Wed, 24 Jan 2024 20:03:47 GMT
x-vercel-id: iad1::j87rf-1706395875822-2cb1d4bfe4b7
server: cloudflare
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: or-country
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c48f2f68e04bc3-BUF

GET
H2 200 image
www.orca.so/_next/ 1010 B
1 KB 155ms
136ms Image
image/webp 2606:4700:10::ac43:b32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.orca.so/_next/image?url=https%3A%2F%2Fassets.coingecko.com%2Fcoins%2Fimages%2F21629%2Flarge%2Fsolana.jpg%3F1639626543&w=32&q=75

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:b32 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b182992587119e85db1545688b637d5322778bd1894b548d1082394d522cd7b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://orca-so.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:51:15 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
age: 1556750
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="solana.webp"
or-country: US
content-length: 1010
last-modified: Tue, 09 Jan 2024 22:25:24 GMT
x-vercel-id: iad1::z6hmg-1706395875823-2cd0b83d7b25
server: cloudflare
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: or-country
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84c48f2f68df4bc3-BUF

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame AC39 200 B
1 KB 319ms
104ms Document
text/html 52.222.169.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-52.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orca-so.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1798
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 27 Jan 2024 22:21:55 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Wed, 20 Dec 2023 18:28:32 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 76a5975e559091e5f81e2804be07dd0c.cloudfront.net (CloudFront)
x-amz-cf-id: UfbxvnfDnFla0W_frfRzD_J1nig9a0jgXGmDZGs9T7WS7a2i927oJg==
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AC39 631 B
1 KB 104ms
102ms Script
text/javascript 52.222.169.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.169.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-169-52.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 22:49:19 GMT
via: 1.1 76a5975e559091e5f81e2804be07dd0c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 173
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
content-length: 631
last-modified: Wed, 20 Dec 2023 18:28:30 GMT
server: Cloudfront
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MEMsqmkKBAI3mX-gt3i3trDfiGj3iSfNNnVX83weM60144ln7HcKqw==

POST
H2 200 csp-report
q.stripe.com/ Frame AC39 0
718 B 277ms
86ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 27 Jan 2024 22:51:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706395876288568
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706395876288090
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame AC39 0
717 B 277ms
87ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 27 Jan 2024 22:51:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706395876288481
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706395876288100
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame C40E 930 B
1 KB 57ms
17ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 222
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 27 Jan 2024 22:51:16 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 121
x-content-type-options: nosniff
x-request-id: 639a3d8a-1633-4af4-807d-d65d52409f02
x-served-by: cache-yyz4577-YYZ
x-timer: S1706395876.203948,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame C40E 0
491 B 105ms
88ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: orca-so.app
URL: https://orca-so.app/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 27 Jan 2024 22:51:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706395876288478
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706395876288130
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame C40E 87 KB
15 KB 18ms
17ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sat, 27 Jan 2024 22:51:16 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 221
x-cache: HIT
content-length: 15509
x-request-id: da6b092f-b24f-4ca9-afca-30debfd9e42c
x-served-by: cache-yyz4577-YYZ
server: Fastly
x-timer: S1706395876.232627,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 113

POST
H2 200 6 Show response
m.stripe.com/ Frame C40E 156 B
669 B 264ms
89ms XHR
application/json 44.238.254.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.238.254.105 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-254-105.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a7823d686a7c25880d1b13e670a541c65e9a5cd726d2a83a0bf924af3d7d5c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 27 Jan 2024 22:51:16 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706395876537688
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706395876537432
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-21 03:35:55	Name: m Value: 6caeba03-fe71-492a-b7f4-4645acf0384c7a4992

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
orca-so.app
q.stripe.com
www.orca.so
151.101.192.176
2606:4700:10::ac43:b32
2606:4700:3035::6815:374e
2607:f8b0:4004:c09::5f
44.238.254.105
52.222.169.52
54.186.23.98
0031faa52ea912fee1494db76442c8f8d2c5af5fa9ac077f8a45209a6f83b41d
03ce37a48e8fa8b84caf58f902a90dac8db3fdab937b2c8c7a056a56b9f5dd16
103ef4b670d4ab81793bf213a9cc1024ac25064260b7cda7f11ef90854b42941
1cbd1fa9704aaa148578fd626205e7c47d664dab8b5b586a5c52b0bb4e060143
29d3d8ecfaae6bcc739d2566624f16ec4c5099fb15b6a9bfe0a78582ffaa41cc
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
36ec90aea0702d8abd3d4fc72b3d189c44fe1fa3cf6cb3c617f6f4522f92540f
3d63f5523f7e91d44f00f52d2ccf2f2766193bfe1db0cc27e9018975a74306ef
3e6d097f02f00472f30b829ec29deefadb5e559d272262f25db9b079be74a1a8
4b182992587119e85db1545688b637d5322778bd1894b548d1082394d522cd7b
4de0f7541473fd639ed252f1ed9b1169a3336b39acbef43d48b5335b169ae323
5cfc4286ee88c69f1b11cbb016dcc96f94558c1293ee442acd705569727107be
6ebbeff35834ab2030fada9fccbd2315e21b6a9918530d306d9f8885cadd7cb1
8639f1b554805fc4f701a8629deddd603c18f622b60d35f63ad686032b91b549
8eee49e3d0f4e651f9f40adfd661861997715b99d5b88103ae44d248ca6b1751
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a164552a6dde632a86cead517df62c316010645e2c79c278f0999d56fad0e0a9
a7823d686a7c25880d1b13e670a541c65e9a5cd726d2a83a0bf924af3d7d5c3d
caae9257d022b731b579a65d458ee204cb2cc404cb9f300e78274d4bdf915d30
da4f28e516dfeb3118bffbf7dd48944620adf0f15d1e9fc019d1a21d5e6167eb
de7bcb1e092562459f03066ae4badc1a6495c370e31f5bed4a78d2093a801bef
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e18039d9b86dfb20f0de75a236ce38ca78dd53810c1e6db42c70baa281d54318
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f0a1e2263ef6cdf30ab88d2f53e6d4e16a40e66fc3f4d28755d6bc11bb19ec81
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb5c7ff3610c344e4ab26d45f23e9133706716c410db246a482b004b7079c4e2

orca-so.app Open in urlscan Pro 2606:4700:3035::6815:374e Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

43 %IPv6

5 Domains

7 Subdomains

8 IPs

1 Countries

130 kBTransfer

441 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orca-so.app Open in urlscan Pro
2606:4700:3035::6815:374e Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

8
IPs

1
Countries

130 kB
Transfer

441 kB
Size

1
Cookies

15 HTTP transactions
15 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!